检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 1 VPC and related services Table 1 Related services Service Interaction Function Elastic Cloud Server (ECS) Using Security Groups to Protect ECS Network Security Elastic IP (EIP) Using an EIP to Connect a VPC to the Internet NAT Gateway Using a Public NAT Gateway to Connect
For this to work, you first need to create a public NAT gateway in a third subnet (Subnet-NAT), and then configure SNAT rules on the public NAT gateway for Subnet-A01 and Subnet-A02.
NAT Gateway is easier to configure and use than SNAT. This service can be flexibly deployed across subnets and AZs and has different NAT gateway specifications. You can click NAT Gateway under Networking on the management console to try this service.
Creates a NAT gateway with an EIP bound and configures SNAT rules to enable Subnet-01 to connect to the Internet. Account B Principal Creates ECSs and RDS instances in Subnet-01 to deploy applications that can be accessed over the Internet.
Public NAT gateways: enables instances (such as ECSs or BMSs) in a VPC to share an EIP to communicate with the Internet. A public NAT gateway supports up to 20 Gbit/s of bandwidth. For details, see What Is NAT Gateway?
Scenario 3: Unbinding an EIP from a NAT Gateway and Binding a New EIP to the NAT Gateway Assign an EIP by referring to 2. If you already have an EIP that you require, skip this step. Modify an SNAT rule. For details, see Modifying an SNAT Rule.
Viewing and Deleting Resources in a Subnet Delete the NAT gateway that is using the subnet and then delete the subnet. The subnet is being used by a NAT gateway. Delete the NAT gateway and then delete the subnet.
Public NAT gateways: enables instances (such as ECSs or BMSs) in a VPC to share an EIP to communicate with the Internet. A public NAT gateway supports up to 20 Gbit/s of bandwidth. For details, see What Is NAT Gateway?
For example: The VPC route table of an ECS has a custom route with 0.0.0.0/0 as the destination and NAT gateway as the next hop.
When type is nat, the value a NAT gateway ID. When type is peering, the value is a VPC peering connection ID. When type is vpn, the value is a VPN ID. When type is dc, the value is a Direct Connect connection ID. When type is cc, the value is a Cloud Connect connection ID.
NAT Gateway SNAT DNAT NAT Gateway supports both source NAT (SNAT) and destination NAT (DNAT). SNAT enables multiple instances to share one or more EIPs to access the public network.
NAT gateway You can directly jump to the target NAT gateway page. Click the NAT gateway name in the Networking Components area. The NAT gateway details page is displayed. Click to return to the NAT gateway list.
You can use public NAT gateways to enable the ECSs in the VPC to share an EIP to access or be accessed by the Internet. For more information, see the NAT Gateway User Guide. Parent topic: EIPs
When type is nat, the value a NAT gateway ID. When type is peering, the value is a VPC peering connection ID. When type is vpn, the value is a VPN ID. When type is dc, the value is a Direct Connect connection ID. When type is cc, the value is a Cloud Connect connection ID.
gateway natgateways createNatGateway Modifying a public NAT gateway natgateways updateNatGateway Deleting a public NAT gateway natgateways deleteNatGateway Creating a DNAT rule dnatrules createDnatRule Modifying a DNAT rule dnatrules updateDnatRule Deleting a DNAT rule dnatrules
When type is nat, the value a NAT gateway ID. When type is peering, the value is a VPC peering connection ID. When type is vpn, the value is a VPN ID. When type is dc, the value is a Direct Connect connection ID. When type is cc, the value is a Cloud Connect connection ID.
NAT gateway Traffic intended for the destination is forwarded to a NAT gateway. VPC peering connection Traffic intended for the destination is forwarded to a VPC peering connection.
The destination of route C is 0.0.0.0/0, with an NAT gateway as the next hop.
When type is nat, the value a NAT gateway ID. When type is peering, the value is a VPC peering connection ID. When type is vpn, the value is a VPN ID. When type is dc, the value is a Direct Connect connection ID. When type is cc, the value is a Cloud Connect connection ID.
Supplementary network interface Yes Yes NAT gateway Yes Yes VPC peering connection Yes Yes Virtual IP address Yes Yes VPC endpoint No No Cloud container No No Enterprise router Yes Yes Cloud firewall Yes Yes If the Direct Connect service is enabled by call or email, the routes delivered
